Remarks 



Applicants request reconsideration and allowance of the present application 
in view of the following remarks. 

Claims 2-10 and 12-28 are pending in the present application. Claims 21-24 
are the independent claims. 

Claims 2, 13, 21 and 22 have been amended. No new matter is believed to 
have been added. 

Claims 2, 3, 7-10, 12, 13, and 17-22 stand rejected under 35 U.S.C. § 102E 
as being anticipated by U.S. Patent Publication No. 2004/0210771 {Wood et aL). 
Claims 4-6 and 14-16 stand rejected under 35 U.S.C. § 103 as obvious over wood 
in view of U.S. patent Publication No. 2003/0051026 {Carteret al.). 

Independent claim 21 and 22 and depended claims 3 and 13 have been 
amended to emphasize the uniqueness of the present invention to overcome office 
rejections. 

Independent claims 21 and 22 define two types of processes: an interaction 
process of communication between a client terminal and a server and internal 
process running only at the operating system of the server. According to the 
applicant the identification of the original user session is transferred to internal 
processes succeeding interaction processes. 

Applicants respectfully submit that Wood et al. does not teach at least the 
aforementioned claim features, for at least the following reasons. Furthermore, 
Applicants respectfully submit that the combination of Wood et al. and Carter et al. 
fails to disclose all of the features of the dependent claims. 

In Wood the claim term "interaction" is describing access requests of a client 
entity to an information security system. For example, Wood et al. explains that "In 
one utilization, session tokens are issued to client entities as part of an interaction 
Witt) ttie security arctiitecture and are thereafter presented with access 
requests" {Wood et al., paragraph [0045]). The interaction is limited only to 
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session between the requesting entity and tine information security infornnation 
system. Wood fails to disclose associating between interaction process and 
internal processes for transferring the identify code of the original session for 
determining authorization levels at internal process running at the kernel level. 

The claims as amended variously recite to the process operations which are 
a carried out at the operating system of the server. These operations are internal 
processes of the operating system, having no interaction with external entities. A 
novel aspect of the present invention as claimed is the ability to transfer the 
session ID between an external session that relates to interaction process with 
external entities and processes at the operating system level. Wood et al. limits the 
continuity only to interaction between the external entity and security information 
system, stating in paragraph [0045], that "[s]ession continuity means the 
maintenance of coherent session state across one or more interactions between an 
entity and an information environment". 

"providing a persistent session in a networked information environment 
includes associating a unique session identifier with a set of access requests 
originating from a client entity and maintaining the unique session identifier 
across a credential level change" {Wood et al., paragraph [0011]). This sentence 
exemplifies that the unique session identifier is maintained only through the 
interaction of access request between a client entity and information system, not 
relating to the process initiated by the access request and carried out in operating 
system of the information system. 

The Office further cites " In general, a wide variety of entities, including c 
users operating browser and/or non-browser client applications as well as 
automated agents and systems, may interact witfi enterprise applications and/or 
resources 190 and the security architecture as described herein. " {Wood et al., 
paragraph [0041]). This paragraph describes the type of entities which can interact 
with information security system according to Wood et al.] all these types of entities 
are external to the information security system. According to claims 22 and 21 as 
presently presented, at least some of the processes are internal operations running 
only within the server at the operating system level. 
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Accordingly, favorable reconsideration and withdrawal of the rejection of 
independent claims 21 and 22 under 35 U.S.C. § 102 are respectfully requested. 

The dependent claims are patentably for reasons other than their base 
claims 

Each of clainns 2-10 and 12 to 20 and 25-28 depend, directly on indirectly, 
from claim 21 , 22 or 24 discussed above, and thus is patentable at least for the 
virtue of being dependent on a patentable base claim. Nevertheless, the applicant 
discusses the patentability of some of the dependent claims independently of the 
patentability of the base claims. 

Amended Claims 3 and 13 continue to recite at least one agent installed on 
the at least one server, the agent enabling correlating between processes and 
sessions on different servers transferring identity code is between internal 
processes running on different servers. Wood et al.'s teaching that a gatekeeper 
and entry handler component 110 provides an entry point for external client 
applications requesting access to enterprise applications and/or resources 190, 
including e.g., information resources 191, 192 . . . 193, for which access 
management is provided by the security architecture at paragraph [0033] 
anticipates this claim feature. This explanation in Wood et al., relates only to 
access requests of external clients to multiple enterprise application and not 
correlating between processes on different servers, which refers to interaction in 
between the servers of processes running in the operating systems of servers 
transferring identification code between internal processes. Absent is any teaching 
of correlating between processes and sessions on different servers. Applicants 
respectfully submit that this is another reason for which claim 3 and 13 are 
patentable over the cited art. 

Claim 14 recites the following feature: "the association of the session 
identification code to the additional process comprises adding an identification 
code of the original session to the process information vector". 

The Office acknowledges that the aforementioned feature is not disclosed 
by Wood et al. Nonetheless, the Office contends that paragraph [0432] of Carter et 
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al. discloses this feature arguing that that the matrix in Carter are equivalent to the 
vector in the applicant invention. The applicants respectfully disagree. This matrix 
is a central information source for all users and processes not part of the process 
information. Implementing a central matrix for all processes and users requires 
complex databases and algorithms for maintaining the this matrix, while the 
applicant unique method of using vector including the unique identification code a 
part of the process data provides enhanced solution which Carter fails to disclose. 

Thus, Carteret al. does not disclose adding an identification code oftlie 
original session to the process information vector, as recited in claim 14. Rather, in 
Carter et al., the identification of the parent process id (PID) is not inherited from 
the parent process and not added to the process vector, the identification is 
retrieved from a general file ("filename file") and stored in an identification matrix: 
"A process read routine strips away all process ids (PIDs) and parent process 
ids (PPIDs) from ttie filename file along witti the user information, such as the 
UID-the owner of each process— from the filename file. Another process called 
matrix generation generates the process identification matrix from the 
information stored in the filename file." {Carter et al., paragraph [0340]). 

Applicants respectfully submit that this is another reason for which claim 14 
is patentable over the cited art. 

The Claim 4 contains the aforementioned feature, in language pertaining to 
system. The applicant respectfully submits that this is another reason for which 
claim 4 is patentable over the cited art. 

Claims 5 and 15 contain the following feature: "the session identification 
code replaces redundant information in the process information vector". The 
Examiner did not consider this limitation for the second time; therefore, the 
applicant respectfully submits that no prima facie case of obviousness was 
presented against claim 5 or against claim 15 (see MPEP § 2143.03). 

In view of the foregoing. Applicants respectfully submit that the independent 
claims patentably define the present invention over the citations of record. Further, 
the dependent claims should also be allowable for the same reasons as their 
respective base claims and further due to the additional features that they recite. 
Separate and individual consideration of the dependent claims is respectfully 
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requested. 

Applicants believe that the present Annendnnent is responsive to each of the 
points raised by the Examiner in the Official Action. However, if there are any 
formal matters remaining after this response, the Examiner is requested to 
telephone the undersigned to attend to such matters. 

There being no further outstanding objections or rejections, it is submitted 
that the present application is in condition for allowance. An early action to that 
effect is courteously solicited. 



Respectfully submitted, 

By: /Michael Kondoudis/ 

Michael Kondoudis 
Reg. No. 42, 758 



The Law Office 

of Michael E. Kondoudis 

888 16*^ Street, NW 
Suite 800 

Washington, DC 20006 
202-349-9850 
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